Skip to content

arduino_secrets.h not added to Cloud sketches that contain secrets not defined via the web interface #443

New issue
New issue
Open
Open
arduino_secrets.h not added to Cloud sketches that contain secrets not defined via the web interface#443
Assignees
ubidefeo
Labels
topic: cloudRelated to Arduino Cloud and cloud sketchestopic: codeRelated to content of the project itselftype: imperfectionPerceived defect in any part of project
@per1234

Description

@per1234
per1234
opened on Jul 8, 2021

Describe the problem

Arduino Web Editor has a "Secret tab" feature that makes it easy to share sketches without accidentally exposing sensitive data (e.g., passwords or tokens). Secrets are automatically generated for any identifier in the sketch which starts with SECRET_ and contains all uppercase characters.

The values of these secrets can be defined on Arduino Cloud via a form in the "Secret" tab in Arduino Web Editor.

Secrets are also used in Arduino IoT Cloud Thing sketches to store network credentials. The value of these secrets can be set via the Arduino IoT Cloud web interface.

When you download a sketch containing secrets from Arduino Web Editor (via the ●●● > Download Sketch menu item), the downloaded ZIP file includes a file named arduino_secrets.h that contains #define directives for the secrets.

When you have defined the value of secrets via the Arduino Cloud web interfaces and then pull the sketch via Arduino IDE's Remote Sketchbook, the arduino_secrets.h file is added to the sketch.

🐛 However, if you have not defined values for the secrets via the web interface before pulling, then the sketch will not contain this file.
🐛 The sketch will fail to compile and the average user will find it very difficult to manually add the correct file and code for the missing secrets definitions.

To reproduce

  1. Open Arduino Web Editor.
  2. Click the New Sketch button.
  3. Add the following code: 
    char myPassword[] = SECRET_PASSWORD;
void setup() {}
void loop() {}
    You should see a tab named "Secret" appear. Do not define the value of SECRET_PASSWORD.
  4. Start the Arduino IDE.
  5. Open the sketchbook explorer sidebar (folder icon)
  6. Click the Remote Sketchbook tab (globe icon)
  7. Click the "Sign in" button and sign into your Arduino account if not already.
  8. In the Arduino IDE, click the name of the sketch you created in Arduino Web Editor.
  9. Click the "Pull" icon (cloud with downward arrow). Wait for the pull to finish.
  10. Double click the sketch to open it.
    🐛 The sketch contains only the primary .ino file and ReadMe.adoc.
  11. Select Tools > Board > Arduino AVR Boards > Arduino Uno from the Arduino IDE menus.
  12. Select Sketch > Verify/Compile from the Arduino IDE menus.
    🐛 The compilation fails:

    Compilation error: 'SECRET_PASSWORD' was not declared in this scope

Expected behavior

When a sketch that uses secrets is pulled, it will always contain:

Arduino IDE version

Original report

2.0.0-beta.8-snapshot.491fa19

Last verified with

9a6a457

Operating system

Windows

Operating system version

11

Additional context

I can envision two common use cases where secrets are not defined on Arduino Cloud before pulling the sketch:

  • The Arduino IoT Cloud web interface is used for the initial setup of a Thing, but the user wants to do all further sketch development in the IDE.
  • A copy of a sketch is created in Arduino Web Editor via the ●●● > Save As menu item (secret values are not transferred to the saved copy of the sketch).

Additional reports:

Issue checklist

  • I searched for previous reports in the issue tracker
  • I verified the problem still occurs when using the latest nightly build
  • My report contains all necessary details

Metadata

Metadata

Assignees

Labels

topic: cloudRelated to Arduino Cloud and cloud sketchestopic: codeRelated to content of the project itselftype: imperfectionPerceived defect in any part of project

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions